REMARKS 



This communication is responsive to the Office Action mailed February 28, 2007. Claims 
1-30 were pending in the application. While a number of the claims have been amended, no 
claims have been cancelled. Claims 31 and 32 are added. The amendments to the claims as 
indicated herein do not add any new matter to this application. 

CLAIM REJECTIONS— 35 U.S.C. § 112, First Paragraph 

Claims 1-30 are rejected as failing to comply with the written description requirement. 

The Examiner sums up the reasoning with the statement 

"There are various ways of collecting user behavior, not involving database queries, and 
because database queries were not mentioned in the specification or initial version of the 
claims, the amendments appear to be new matter." 

By this amendment, the independent claims have been amended to remove the feature 
complained of by the Examiner and to revert back to language closer to the original language. 

It is noted, though, that the claims even as now amended recite that the user behavior data 
is collected "from the database server that manages the database." This feature is described in 
the specification at, for example, paragraph [0045], which states: "In block 310, data sets 
comprising user behavior data are collected from the database server." 

The independent claims further recite "wherein the collecting includes reading, from the 
database server, the data sets comprising user behavior data" and the data sets are "maintained 
permanently by the database server." This may be, for example, an audit trail, "which is typically 
a permanent record. . .Audit approaches, in contrast, provide for all audited events to appear in 
the audit trail until purged." (See, for example, paragraph [0049].) 

Dependent claims (e.g., claims 3 and 17) as amended recite "wherein collecting user 
behavior data comprises: reading information from an audit trail of a database manager." Again, 
this is disclosed, for example, at paragraph [0049]. Other claims have been adjusted as well. 

Applicant therefore asserts that claims 1-30 satisfy the written description requirement of 
35 USC § 112, First Paragraph. 

It is further noted that claims 31 and 32 have been added to additionally recite "collecting 
user behavior data further comprises: reading information from dynamic performance views of a 
database manager." This feature is described in the specification at, for example, paragraph 
[0049] referenced above. Furthermore, claims 33 and 34 have been added to additionally recite 
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that the data sets maintained permanently by the database server include audit trails. This is also 
described in the specification at, for example, paragraph [0049]. 

REJECTIONS BASED ON THE CITED ART 

Anticipation over Mattsson (Claims 1-5, 14, 29 and 30) 

Claims 1-5, 14, 29 and 30 are rejected under 35 U.S.C. § 102(e) as being allegedly 
anticipated by Mattsson (EP 1 315 065 Al). This rejection is respectfully traversed. 

As discussed above relative to the rejection under 35 USC § 112, First Paragraph, the 

independent claims have been amended to recite: 

"collecting, from the database server that manages the database, data sets maintained 

permanently by the database server and comprising user behavior data wherein the 

collecting includes reading, from the database server, the data sets comprising user 
behavior data" 

Mattsson does not disclose such a feature. That is, Mattsson does not collect "data sets 
maintained permanently by the database server. . . wherein the collecting includes reading, from 
the database server, the data sets comprising user behavior data." 

Rather, with Mattsson, a query from a user is presented to the database and "the result of 
a query is evaluated before it is transmitted to the user." Mattsson, [001 1]. This is as part of an 
access control system. Mattsson does not disclose data sets comprising user behavior being read 
from the data base server. 

With regard to claim 2, since Mattsson does not disclose operating on user behavior data 
that has been collected by reading, from the database server, data sets maintained permanently by 
the database server and comprising user behavior data, Mattsson cannot disclose operating on 
such user behavior data with respect to a rules based policy or anomalous activity. 

With regard to claim 3, the Examiner refers to Mattsson' s paragraph [0027], and then 

notes that "The audit trail information in the instant application's specification in paragraph 

[0009] refers to information about database accesses...." Mattsson' s paragraph [0027] reads: 

A second component 13 of the intrusion detection module 10 is adapted to store all 
results from queries including marked items, thereby creating a record 14 of accumulated 
access of marked items. If advantageous, the record can be kept in a separate log file 15, 
for long term storage, accumulating data access over a longer period of time." 

Notably, however, the information in the "separate log file 15" is not "data sets maintained 

permanently by the database server" and, furthermore, Mattsson does not disclose collecting the 

information where "the collecting includes reading, from the database server, the data sets 

comprising user behavior data." Therefore, Mattsson does not disclose the feature recited in 

claim 3. 
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With regard to claim 4, since Mattsson does not disclose collecting information where 
"the collecting includes reading, from the database server, the data sets comprising user behavior 
data," Mattsson cannot disclose collecting such information at any particular monitoring level. 

With regard to claim 5, since Mattsson does not disclose collecting information where 
"the collecting includes reading, from the database server, the data sets comprising user behavior 
data," Mattsson cannot disclose determining any particular monitoring level nor collecting such 
information at any particular monitoring level. 

Claim 14 depends from claim 1 and, therefore, claim 14 is patentably distinct over 
Mattsson for at least the reasons that claim 1 is patentably distinct over Mattsson. 

Claim 29 is similar to claim 1 . Applicant incorporates herein the arguments set forth 
above with respect to the patentable distinction of claim 1 over Mattsson. 

Claim 30 is similar to claim 1 . Applicant incorporates herein the arguments set forth 
above with respect to the patentable distinction of claim 1 over Mattsson. 

Obviousness over Mattsson and Sekiguchi (Claims 6-13) 

Claims 6-13 are rejected under 35 U.S.C. § 103(a) as being allegedly obvious over 
Mattsson in view of Sekiguchi. The rejection is respectfully traversed. 

In particular, claims 6-13 all depend directly or indirectly from claim 1 and, therefore, 
claims 6-13. Given the Examiner's reliance on Mattsson in making the current rejection is the 
same as set forth above in the anticipation rejection, it is respectfully submitted that claims 6-13 
are patentable over the combination of Mattsson and Sekiguchi for at least reasons similar to 
those set forth above that claim 1 is patentably distinct over Mattsson alone. 

Obviousness over Mattsson and Ho (Claims 15-19 and 28) 

Claims 15-19 and 28 are rejected under35 U.S.C. § 103(a) as being allegedly obvious 
over Mattsson in view of Ho. The rejection is respectfully traversed. 

Claims 15-19 are similar to claims 1-5 and 14 above. Given the Examiner's reliance on 
Mattsson in making the current rejection is the same as set forth above in the anticipation 
rejection, it is respectfully submitted that claims 15-19 and 29 are patentable over the 
combination of Mattsson and Ho for at least reasons similar to those set forth above that claims 
1-5 and 14 are patentably distinct over Mattsson alone. 
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Obviousness over Mattsson, Ho and Sekiguchi (Claims 20-27) 

Claims 20-27 are rejected under35 U.S.C. § 103(a) as being allegedly obvious over 
Mattsson in view of Ho and Sekiguchi. The rejection is respectfully traversed. 

In particular, claims 20-27 are similar to claims 6-13 above. Given the Examiner's 
reliance on Mattsson in making the current rejection is the same as set forth above with respect 
to claims 6-13, and also the same as set forth above in the anticipation rejection, it is respectfully 
submitted that claims 20-27 are patentable over the combination of Mattson, Ho and Sekiguchi 
for at least reasons that claims 6-13 are patentable over the combination of Mattsson and 
Sekiguchi and that claim 1 is patentably distinct over Mattsson alone. 

CONCLUSION 

Applicant believes that all pending claims are allowable and respectfully requests a 
Notice of Allowance for this application from the Examiner. Should the Examiner believe that a 
telephone conference would expedite the prosecution of this application, the undersigned can be 
reached at the telephone number set out below. 

Respectfully submitted, 
BEYER WEAVER LLP 

/ASH/ 

Alan S. Hodes 
Reg. No. 38,185 

P.O. Box 70250 
Oakland, CA 94612-0250 
(408) 255-8001 
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